Was terrorist email sent from home user's unsecured wi-fi?

Anyone who has been following the international news in the last week or so, will be aware of the horrendous bombings that have taken place in India.

Seven bombs exploded in Bangalore on Friday 25 July - a southern Indian city well known to many in the IT industry because so many well-known technology firms have located some of their operations or out-sourced services there.

The following day, a series of bomb blasts rocked the city of Ahmedabad. You may have seen the TV pictures of some of the carnage, including a blown-up bus. Tragically, scores of people have died as a result of this terrible action.

A number of TV news stations received an email five minutes before the first blasts in Ahmedabad, claiming responsibility for the imminent attacks. In the email a group called the Indian Mujahideen hinted at more attacks to come.

HP Singh, the joint police commissioner in Ahmedabad confirmed to the media that the email was sent from an IP address located in Mumbai (formerly known as Bombay).

And now you can see why I'm talking about this on my blog. If the police can work out where in the world the email came from, maybe they can find the bombers, right? Well, maybe..

Last week, Kenneth Haywood, a US expat living in Mumbai, was questioned by anti-terror squad officials after it was determined that the email's IP address pointed towards him. Police seized his three computers, and several belonging to his neighbours, in an attempt to confirm who had sent the message to the news agencies.

According to the Times of India, computer forensics experts appear to be admitting that they have reached a dead end in their hunt for the originators of the email. Although Haywood's IP address was used, his computer and that of his immediate neighbours appear to carry no clues that the email was sent by them.

Most tellingly, it was found that Haywood's wi-fi internet access was not secure. In other words, it was not protected with passwords - meaning that anybody in the vicinity or passing close by, could hop on board with a laptop or other wireless device and send a message via his internet connection.

You might like

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley